System Overview

System Overview

Wombat Security Technologies, Inc. (“Wombat”) provides the most comprehensive and effective cybersecurity awareness solution on the market today. Founded in 2008, at the world-renowned Carnegie Mellon University (CMU), Wombat’s SaaS-based solution can be accessed anywhere with internet connection, regardless of geographical location. With a worldwide presence, Wombat’s customers include Fortune 50, 100, and 500 industry leaders ranging in size from 1,000 to over 300,000 employees in over 130 countries (Wombat, 2017).  For more details on Wombat, please visit https://www.wombatsecurity.com/

Primary Purpose

“Today, nearly every organization is online, making any Internet-connected network a potential entry point for the growing worldwide community of computer criminals, state-sponsored infiltrators, corporate spies, and other malfeasants. Software and hardware solutions are also more complex than ever” (Gallaugher, 2015). As phishing and cyber security attacks continue to escalate globally, especially with recent incidences with HBO and Equifax hacks, the need for cybersecurity education to combat these risks increase as well. Often these attacks are well-disguised and crafty in their attempts to leverage themselves as a trusted source in an attempt to gain information (Gallaugher, 2015). In order to protect organizational and personal information it is imperative to remain educated about potential cyber attacks and how to respond when presented with a potential attack. “Wombat’s Security Education Platform is a SaaS-based, interactive training solution that includes knowledge assessments, simulated attacks, and interactive training modules, which has been proven to reduce malware infections and successful phishing attacks by up to 90% while diminishing employee-based security risks by an average of 60%” (Wombat, 2017). Keeping up in an age of fast technological development is crucial for any business or institution that wants to have a competitive advantage. Falling behind on the latest developments, and failing to keep what you have built safe, is a recipe failure in today’s rapidly growing world (Times, 2015). Through implementing Wombat’s Security Education Program, Chatham University will have provided the tools necessary for students to recognize and prevent cyberattacks. It is important that students are educated on cyber security risks and how they can play a crucial role in protecting their information as well as the information of their educational institution.

Features & Functions

Wombat’s Security Education Platform is a SaaS-based (vendor-hosted) system with the option to have training modules delivered via Chatham’s Learning Management System (LMS), if requested. The following outlines the proposed products for Chatham University’s Security Education Program.

Product Name	Description	Features
CyberStrength	a customizable knowledge assessment that evaluates employee cybersecurity knowledge that can create broad or targeted assessments	Evaluate end user awareness with a library of 150+ questions that cover a variety of topics Utilize as pre- and post-assessment to: identify risk within the organization, identify the members at risk, and measure effectiveness of training 7 Predefined (10-15 questions) and 5 Broad (55, 33, or 22 questions) assessments available, as well as fully-customizable options Auto-Enrollment feature automatically assigns training to employees based on results
ThreatSim	a simulated attack product that delivers phishing emails with embedded Teachable Moments that deliver ‘just-in-time’ teaching	Simulated phishing attacks embedded with Teachable Moments 500+ phishing templates across 30 languages and 13 categories New templates added monthly, based on customer requests, seasonal topics, and phishing events in the wild 3 Key Types: File Attachment, Embedded Links, and Data Entry Teachable Moments are “just-in-time teaching” messages to educate end users who fall for a phish as to the mistake made Fully customizable options: Teachable Moments, Domains, Phishing Templates Auto-Enrollment feature to assign training to any employee who fail for an attack
PhishAlarm	an email add-in for reporting suspected phishing emails	No additional charge, included with ThreatSim Email client add-in allowing employees to report phishing emails at a single-click of a mouse Positive reinforcement of reported phishing emails in the form of pop-up messages or emails
PhishAlarm Analyzer	an anti-phishing filter tool that quickly prioritizes reported emails, and a full library of brief	Available for an additional charge Anti-phishing filter to provide real-time ranking of suspicious emails by analyzing attributes and classifying them with security indicators of compromise (ICO’s) 3 email prioritization categories: Likely Phish, Suspicious, and Unlikely a Phish
Training Modules	interactive security awareness training modules designed to deliver effective education to your employees	25+ modules with brief lessons of game and interactive-based elements on security and compliance topics Reinforcement of material with practice multiple choice and true/false tests All training is created in-house and developed using Learning Science Principles Two formats: Standard (10-15 minutes) and Mini (5-7 minutes) Fully customizable with ‘Training Jackets’, before and after each module
Security Awareness Materials	a selection of videos, posters, images, and articles that are designed to keep cybersecurity an ongoing topic of conversation with your end users	Offered in over 15 languages Supplemental materials to reinforce security program: Awareness Video Campaigns, Images, Posters, and Articles Awareness Video Campaigns: brief high-level videos, with the option to add wrapper content of tailored information such as company policy at the start and close of each video Images: can be downloaded at a 1024x768 resolution, incorporated into screen savers, or added to electronic message boards/intranets/presentations/etc. Posters: are available in two sizes (11 in. x 17 in. and 24 in. x 36 in.), and can be printed via Wombat’s online portal or downloaded for local printing and targeted use Articles: great additions to newsletters, intranets, employee emails, presentations, and other communications

Why Wombat?

As a company founded from research, continuing education is at the crux of Wombat’s Security Education Platform and what a University, like Chatham represents.

Wombat is the first and only company to offer a complete suite of security education solutions that leverage progressive training techniques. Results are achieved through implementing the four key steps of Wombat’s Continuous Training Methodology: Assess, Educate, Reinforce, and Measure. A single cycle of the four-step methodology can be executed in as little as 1-2 months, which allows for repeatability and measurable change (Wombat, 2017). The solutions have assessments and reporting capabilities to ensure students are understanding the material, again just like in a University setting.  

With each of Wombat’s solution offering, the following items are included at no additional fee - this is Wombat’s Competitive Advantage!

Wombat’s Security Education Platform, which integrates interactive training, simulated attacks, reporting, and administrative capabilities into a cloud-based Enterprise-grade System, will allow students to complete training from anywhere students have internet access (Wombat, 2017). Allowing students to be train, along with the growing digital world (Chakravorti, B., Chaturvedi, R. S., & Tunnard, C. R., 2015). Wombat’s Security Program can be completed in a similar fashion to the Haven Plus training that Chatham students are required to complete before and during the school year. Ensuring students are properly educated, especially incoming freshmen without prior exposure to cyber security attacks, will protect the University, students, and faculty from vulnerabilities.

References

https://www.wombatsecurity.com/

Times, T. N. (2015, March 20). After the Kodak Moment. Retrieved September 24, 2017, from https://www.nytimes.com/video/business/100000003538108/after-the-kodak-moment.html

Chakravorti, B., Chaturvedi, R. S., & Tunnard, C. R. (2015, August 26). Where the Digital Economy Is Moving the Fastest. Retrieved September 24, 2017, from https://hbr.org/video/4443548302001/where-the-digital-economy-is-moving-the-fastest

Gallaugher, J. (2015). Information Systems: A Manager's Guide to Harnessing Technology (5th ed.). Boston, MA: Flat World Knowledge.